Blackphone 2 Caters To the Enterprise, the Security-Minded and the Paranoid

Mark Wilson writes While much of the news coming out of MWC 2015 has been dominated by Microsoft's Lumia 640, the Samsung Galaxy S6 Edge, and tablets from Sony, there's always room for something a little different. Following on from the security-focused Blackphone, Silent Circle used the Barcelona event to announce the follow-up — the Blackphone 2. The privacy-centric company has been working on the "world's first enterprise privacy platform" for some time now and the second generation Blackphone. As you would expect, there's a faster processor than before -- an 8-core beast -- as well as an upgraded 3GB RAM, a larger 5.5 inch screen and a bigger battery than before. Blackphone 2 has a $600 price tag and will be unleashed in July.

What about the non-paranoid?

This company is taking advantage of the paranoid. I want a device that actually has a chance at respecting my privacy. Your not going to get that in a true mobile phone as the GSM module is going to enable big brother to track you at all times. It's just how the thing works. What we need is a device that is mass produced, cost effective (as you need significant numbers for it to be privacy friendly), and text-oriented. That GSM modem can't be always-on or they'll learn who you are by the movements you make. We need a device that communicates only occasionally, can be purchased anonymously, and is identical to other devices-or near so. The carrier should never be able to identify the messages being sent or to whom. There also needs to be separation of the GSM modem from the main device to avoid the GSM modem being able to snoop. The GSM modem also needs to be controlled by the main device (ie so you know your in control). Then we need the source code for rest of the device. The complete set of sources. Not some “open source” device where we really don't have a clue whats going on because there is some proprietary piece.

Re:Let me guess

[VValdo]

I know this is the second, uh, let's-just-say-"story" about Blackphone in four days, but I think it should be noted that the stolen Gemalto keys may have included "OTA keys" that can be used for over-the-air SIM card upgrades:

Access to these encryption keys do not give governmental agencies only the power to monitor cellular communications, including calls and data, but they also come with additional perks, such as the power of instructing a device to install specific programs.

Spyware could be installed on the SIM card itself, and then it could be used to install additional spy apps on a phone without the user's knowledge, or to retrieve data from it.

From the Verge story:

Manufacturers can send a binary text message directly to the SIM card, and as long as it's signed with the proper OTA key, the card will install the attached software without question. If those keys were compromised, it would give an attacker carte blanche to install all manner of spyware.

So apparently it does matter.